How severe is CVE-2020-9252?

This vulnerability has a severity rating of LOW with a CVSS score of 2.3 out of 10.

What type of vulnerability is CVE-2020-9252?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2020-9252 - LOW Severity | CVSS 2.3

Vulnerability Description

HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path.

Related Vulnerabilities

CVE-2020-12251

LOW

CVSS:2.2(Low)

An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve dire...

CWE-222020

CVE-2023-25815

LOW

CVSS:2.2(Low)

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initializati...

CWE-222023

CVE-2025-27726

LOW

CVSS:2.1(Low)

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file download process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and ea...

CWE-222025

CVE-2015-5313

LOW

CVSS:2.5(Low)

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows lo...

CWE-222015

CVE-2016-1212

LOW

CVSS:2.7(Low)

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

CWE-222016

CVE-2016-3972

LOW

CVSS:2.7(Low)

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the fileName parameter.

CWE-222016